|
|
51aede7c00
|
Rename fsol?? hosts to fsol-gw??
|
2021-03-17 21:28:49 +00:00 |
|
|
|
77ee001c54
|
Don't store shell host ip to known_hosts in adm
|
2021-03-17 21:03:14 +00:00 |
|
|
|
3d885de573
|
ifstated: Fix fireall problems when fsol-gw is booted
For some reason firewall rules are not correctly loaded during boot
so reload them when ifstated starts.
|
2021-03-17 20:31:41 +00:00 |
|
|
|
4072abf55e
|
Use random mac for fsol01 in dna interface
|
2021-03-17 20:18:00 +00:00 |
|
|
|
887d4872d9
|
ifstated: Cannot validate config during provisioning
Network is restarted at the end of play run so ifstated validation
fails due to missing interfaces.
|
2021-03-17 19:05:01 +00:00 |
|
|
|
37ef5eb504
|
ifstated: Validate config before restarting
|
2021-03-17 18:48:41 +00:00 |
|
|
|
18a4c592ce
|
bird: Restart bird after config changes
|
2021-03-17 18:44:11 +00:00 |
|
|
|
00c204912f
|
bird: Remove leftover vim swap file
|
2021-03-17 18:42:02 +00:00 |
|
|
|
7b9c0b1f4d
|
Add ifstated to fsol-gw hosts
|
2021-03-17 18:41:25 +00:00 |
|
|
|
9d03799d40
|
Add pfsync0 interface to fsol-gw hosts
|
2021-03-17 18:36:00 +00:00 |
|
|
|
7175dc85b8
|
pf: Allow carp traffic on fsol-gw hosts
|
2021-03-17 18:30:09 +00:00 |
|
|
|
e37fd4eb8f
|
Move future pfsync to different subnet/vlan
|
2021-03-17 18:13:52 +00:00 |
|
|
|
01dc86e3e2
|
bird: Use dynamic router id
|
2021-03-17 18:13:23 +00:00 |
|
|
|
46281c0ca7
|
Dont store vim swap files to git
|
2021-03-17 18:07:10 +00:00 |
|
|
|
8c5770c79a
|
Fix warnings from git data directory mount options
|
2021-03-17 05:58:00 +00:00 |
|
|
|
635a867068
|
syslog: Fix syntax warnings from log backup cron job
|
2021-03-17 05:41:12 +00:00 |
|
|
|
08c62bd21b
|
ldap/server: Fix syntax warnings about cron job
|
2021-03-17 05:40:20 +00:00 |
|
|
|
72dabd40d1
|
Fix warnings from ldap01 mount
|
2021-03-17 05:37:10 +00:00 |
|
|
|
a745cdb3ee
|
sshd: Remove some unused and potentially dangerous features
|
2021-03-17 05:20:41 +00:00 |
|
|
|
282fbcb932
|
sshd: Disable CentOS 8+ crypto policies for sshd
|
2021-03-17 05:17:53 +00:00 |
|
|
|
6858706c0b
|
base: Remove ssh handler as it's now in own role
|
2021-03-17 05:16:11 +00:00 |
|
|
|
0172750ca1
|
sshd: Move ssh deamon configuration to own role
|
2021-03-17 05:15:05 +00:00 |
|
|
|
c99efeab61
|
Lint fixes
|
2021-03-16 23:07:26 +00:00 |
|
|
|
b1c135974e
|
Add production ready playbooks to master playbook
|
2021-03-16 23:01:49 +00:00 |
|
|
|
6a712f7737
|
sendmail: Add newalises handler support
|
2021-03-16 22:46:42 +00:00 |
|
|
|
7febf3bda5
|
nginx/server: Use mozilla recommended ssl settings
|
2021-03-16 22:45:21 +00:00 |
|
|
|
55855d7c15
|
Start working on replicated fsol gw
* Add fsol01 host
* Move everything to fsol01 for now
* Add pfsync interface
* Try to fix firewall rules with correct no-sync options
|
2021-03-16 22:41:58 +00:00 |
|
|
|
d41d59a0d4
|
Move loghost to vmhost01 and increase data disk size
|
2021-03-16 21:02:33 +00:00 |
|
|
|
1ad8a4e3f8
|
ldap_netdb: Fix dependencies
|
2021-03-16 20:17:56 +00:00 |
|
|
|
cad340750b
|
ldap_gravatar: Fix dependencies
|
2021-03-16 20:17:28 +00:00 |
|
|
|
c7bc132d11
|
Add ldap_gravatar role to primary ldap server
|
2021-03-16 19:19:23 +00:00 |
|
|
|
015de5a8df
|
ldap_gravatar: Initial version of role
|
2021-03-16 19:18:55 +00:00 |
|
|
|
b841119e1a
|
Don't hardcode ip addressses. Use netgroups instead.
|
2021-03-16 17:54:52 +00:00 |
|
|
|
5783675589
|
sendmail: Restart sendmail after config changes
|
2021-03-16 17:22:54 +00:00 |
|
|
|
bfc59bfb2d
|
sendmail: Fix hostname part from kerberos principal
|
2021-03-16 17:21:51 +00:00 |
|
|
|
35b919910f
|
sendmail: Remove duplicate config option
|
2021-03-16 17:21:30 +00:00 |
|
|
|
c1ee7e81d0
|
saslauthd: Convert ldap to use fastbind
Seems that cert auth always returns success even for invalid passwords. :)
|
2021-03-16 11:51:10 +00:00 |
|
|
|
0f6d33072e
|
sendmail: Better ordering for auth mechanisms
|
2021-03-16 09:26:47 +00:00 |
|
|
|
e5a47f1511
|
Add ns01.home.foo.sh
|
2021-03-16 08:45:50 +00:00 |
|
|
|
ded4730735
|
sendmail: Add dhparams
|
2021-03-16 08:31:15 +00:00 |
|
|
|
ac3ac750c1
|
sendmail: Don't hardcode tls key and cert paths
|
2021-03-16 08:27:23 +00:00 |
|
|
|
183208afff
|
dovecot: Use Mozilla intermediate ssl settings
|
2021-03-16 07:30:29 +00:00 |
|
|
|
2f2db828b2
|
dhparams: Helper role to copy dhparams file to hosts
|
2021-03-16 07:30:02 +00:00 |
|
|
|
9acebe47c6
|
Add irssi to shell hosts
|
2021-03-16 03:05:50 +00:00 |
|
|
|
a7795193e7
|
dovecot: Fix permissons from kerberos keytab
|
2021-03-16 02:57:20 +00:00 |
|
|
|
b87092ccca
|
Add static01.home.foo.sh
|
2021-03-16 02:30:16 +00:00 |
|
|
|
9ffe1dc3c0
|
Add shell01.home.foo.sh
|
2021-03-16 02:15:24 +00:00 |
|
|
|
2f39d6ebf9
|
kvm-host: Add virt-top
|
2021-03-16 01:19:23 +00:00 |
|
|
|
7fbd201242
|
kvm-host: Add base libvirt packages not just daemon
|
2021-03-16 01:09:23 +00:00 |
|
|
|
190d09e783
|
Use sssd instead of nslcd on nas hosts
|
2021-03-16 01:00:55 +00:00 |
|
